Skip to content

text_finder: Clamp stored match line text to a window around the match#60311

Open
rtfeldman wants to merge 1 commit into
fr-110/fix-nested-draw-arena-corruptionfrom
richard/fr-106-fatal-error-sigabrt-0x0
Open

text_finder: Clamp stored match line text to a window around the match#60311
rtfeldman wants to merge 1 commit into
fr-110/fix-nested-draw-arena-corruptionfrom
richard/fr-106-fatal-error-sigabrt-0x0

Conversation

@rtfeldman

@rtfeldman rtfeldman commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

Investigating FR-106 — a SIGABRT on Linux that aborted inside the allocator while the text finder was copying a matched line — surfaced two plausible causes. The likelier one is the nested-draw arena corruption fixed by #60295, which this PR stacks on (glibc detecting corrupted heap metadata at a later, unrelated allocation matches the crash's stack shape exactly). The other is a real defect in the text finder itself: every SearchMatch retained a copy of the entire line containing the match, so on a file with one enormous line (e.g. minified sources) every match retained a copy of the whole file, and the imported-matches path also materialized the full buffer text once per match. A broad query against such a file could request tens of gigabytes and die with an allocation failure — the same SIGABRT signature.

This fixes the second cause: the stored line text is read directly from the buffer snapshot (no more full-text materialization) and clamped to a small window around the match start, far more than a picker row can display. Since relative_range is now relative to that window rather than the full line, the match's true column is stored separately for cursor placement when opening a result. With both causes addressed, any recurrence of this crash fingerprint on fixed builds indicates a fresh cause and should be reinvestigated.

Closes FR-106

Release Notes:

  • Fixed excessive memory usage when a text finder search matched files with extremely long lines.

Each SearchMatch retained a copy of the entire line containing the
match, and both construction paths materialized the full buffer text
(the imported-matches path once per match). On files with enormous
single lines (e.g. minified sources), a broad query could request
gigabytes of allocations and abort in the allocator (FR-106).

Read the line directly from the buffer snapshot instead, keep at most
a small window around the match start, and store the match's true
column separately now that relative_range is window-relative.
@cla-bot cla-bot Bot added the cla-signed The user has signed the Contributor License Agreement label Jul 2, 2026
@zed-community-bot zed-community-bot Bot added the staff Pull requests authored by a current member of Zed staff label Jul 2, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

cla-signed The user has signed the Contributor License Agreement staff Pull requests authored by a current member of Zed staff

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant